SipHash

SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.^[1]

Overview

SipHash computes 64-bit message authentication code from a variable-length message and 128-bit secret key. It was designed to be efficient even for short inputs, with performance comparable to non-cryptographic hash functions, such as CityHash,^[1] thus can be used in hash tables to prevent DoS collision attack (hash flooding) or to authenticate network packets.

Functions in SipHash family are specified as SipHash-c-d, where c is the number of rounds per message block and d is the number of finalization rounds. The recommended parameters are SipHash-2-4 for best performance, and SipHash-4-8 for conservative security.

The reference implementation was released as public domain software under the CC0.^[2]

Usage

SipHash is used in hash table implementations of various software:^[3]

Perl (available as compile-time option)^[4]
Python (starting in version 3.4)^[5]
Ruby
Rust ^[6]
systemd ^[7]
OpenDNS
Haskell
OpenBSD

Native Implementations

References

^ ^a ^b Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).
^ siphash "Intellectual property: We aren't aware of any patents or patent applications relevant to SipHash, and we aren't planning to apply for any. The reference code of SipHash is released under CC0 license, a public domain-like license."
^ Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF, Users".
^ "Perl security – Algorithmic Complexity Attacks".
^ Christian Heimes. "PEP 456 -- Secure and interchangeable hash algorithm". Retrieved 20 November 2013.
^ Graydon Hoare. "Add core::hash containing SipHash-2-4 implementation. Re: #1616 and #859". Retrieved 4 December 2014.
^ Lennart Poettering. "shared: switch our hash table implementation over to SipHash". Retrieved 4 December 2014.

External links

Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF - Project Page".

Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).

Jean-Philippe Aumasson, Daniel J. Bernstein (2012-08-15). "SipHash: a fast short-input PRF - Presentation slides" (PDF).

Jean-Philippe Aumasson, Daniel J. Bernstein, Martin Boßlet (2012-12-29). "Hash-flooding DoS reloaded: attacks and defenses (video)".{{cite web}}: CS1 maint: multiple names: authors list (link)

[paper-1] Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).

[2] siphash "Intellectual property: We aren't aware of any patents or patent applications relevant to SipHash, and we aren't planning to apply for any. The reference code of SipHash is released under CC0 license, a public domain-like license."

[3] Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF, Users".

[4] "Perl security – Algorithmic Complexity Attacks".

[5] Christian Heimes. "PEP 456 -- Secure and interchangeable hash algorithm". Retrieved 20 November 2013.

[6] Graydon Hoare. "Add core::hash containing SipHash-2-4 implementation. Re: #1616 and #859". Retrieved 4 December 2014.

[7] Lennart Poettering. "shared: switch our hash table implementation over to SipHash". Retrieved 4 December 2014.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

Overview

Usage

See also

References

External links